Skip to product menu
close
EXPLORE ALL PRODUCTS

Sales

CRM

Comprehensive CRM platform for customer-facing teams.

CRM
Voice

Cloud Contact Center Software for businesses.

Voice
Sign

Digital signature app for businesses.

Sign
Forms

Build online forms for every business need.

Forms
Bigin

Simple CRM for small businesses moving from spreadsheets.

Bigin
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
Bookings

Appointment scheduling app for consultations with customers.

Bookings
RouteIQ

Comprehensive sales map visualization and optimal route planning solution.

RouteIQ
Thrive

Complete loyalty and affiliate management platform.

Thrive
Suites
CRM Plus

Unified platform to deliver top-notch customer experience.

CRM Plus

Marketing

Campaigns

Create, send, and track targeted email campaigns that drive sales.

Campaigns
Voice

Cloud Contact Center Software for businesses.

Voice
Sign

Digital signature app for businesses.

Sign
Forms

Build online forms for every business need.

Forms
Social

All-in-one social media management software.

Social
Survey

Design surveys to reach and interact with your audience.

Survey
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
Sites

Online website builder with extensive customisation options.

Sites
Backstage

End-to-end event management software.

Backstage
PageSense

Website conversion optimization and personalisation platform.

PageSense
Marketing Automation

All-in-one marketing automation software.

Marketing Automation
LandingPage

Smart landing page builder to increase conversion rates

LandingPage
Webinar

Webinar platform for webcasting online webinars.

Webinar
NEW
LeadChain

Sync, manage, and convert leads across channels seamlessly.

LeadChain
NEW
Domains

Easy domain registration, transfer, and secured DNS management.

Domains
NEW
CommunitySpaces

Online community platform for individuals and businesses to grow their network and brand.

CommunitySpaces
Thrive

Complete loyalty and affiliate management platform.

Thrive
Publish

Manage all your local business listings on a single platform.

Publish
Suites
Marketing Plus

Unified marketing platform for marketing teams.

Marketing Plus

Commerce and POS

Commerce

eCommerce platform to manage and market your online store.

Commerce

Service

Desk

Helpdesk software to deliver great customer support.

Desk
Assist

Remote support and unattended remote access software.

Assist
Voice

Cloud Contact Center Software for businesses.

Voice
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
Bookings

Appointment scheduling app for consultations with customers.

Bookings
FSM

End-to-end field service management platform for service businesses.

FSM
Lens

Interactive remote assistance software with augmented reality.

Lens
Solo

The all-in-one toolkit for solopreneurs.

Solo
Suites
Service Plus

Unified platform for customer service and support teams.

Service Plus

Finance

Books

Powerful accounting platform for growing businesses.

Books
Expense

Effortless expense reporting platform.

Expense
Sign

Digital signature app for businesses.

Sign
Inventory

Powerful stock management and inventory control software.

Inventory
FREE
Invoice

100% Free invoicing solution.

Invoice
Billing

End-to-end billing solution for your business.

Billing
NEW
Payroll

Payroll software with automated tax payments and filing.

Payroll
Commerce

eCommerce platform to manage and market your online store.

Commerce
Checkout

Collect payments online with custom branded pages.

Checkout
Practice

Practice management software for accounting firms.

Practice
Solo

The all-in-one toolkit for solopreneurs.

Solo
NEW
Payments

Unified payment solution built for all businesses.

Payments
Suites
Finance Plus

All-in-one suite to manage your operations and finances.

Finance Plus

Email, Storage, and Collaboration

Mail

Secure email service for teams of all sizes.

Mail
Voice

Cloud Contact Center Software for businesses.

Voice
Sign

Digital signature app for businesses.

Sign
WorkDrive

Online file management for teams.

WorkDrive
Bookings

Appointment scheduling app for consultations with customers.

Bookings
Cliq

Stay in touch with teams no matter where you are.

Cliq
Notebook

Beautiful home for all your notes.

Notebook
Meeting

Online meeting software for all your video conferencing & webinar needs.

Meeting
Connect

Employee experience platform to communicate, engage, and build positive employee relations.

Connect
Learn

Knowledge and learning management platform.

Learn
Office Integrator

Built in document editors for web apps.

Office Integrator
Writer

Word processor for focused writing and discussions.

Writer
TeamInbox

Shared inboxes for teams.

TeamInbox
ZeptoMail

Secure and reliable transactional email sending service.

ZeptoMail
Show

Create, edit, and share slides with a sleek presentation app.

Show
Tables

Work management tool to connect people, processes, and information.

Tables
Sheet

Spreadsheet software for collaborative teams.

Sheet
Office Suite

Powerful collaborative work platform for teams.

Office Suite
Calendar

Online business calendar to manage events and schedule appointments.

Calendar
ToDo

Collaborative task management for individuals and teams.

ToDo
FREE
PDF Editor

Collaborative online PDF editing tool.

PDF Editor
Suites
Workplace

Application suite built to improve team productivity and collaboration.

Workplace

Human Resources

Expense

Effortless expense reporting platform.

Expense
Recruit

Intuitive recruiting platform built to provide hiring solutions.

Recruit
People

Organize, automate, and simplify your HR processes.

People
Sign

Digital signature app for businesses.

Sign
NEW
Payroll

Payroll software with automated tax payments and filing.

Payroll
Shifts

Employee scheduling and time tracking app.

Shifts
Workerly

Manage temporary staffing with an employee scheduling solution.

Workerly
Suites
People Plus

Comprehensive HR platform for seamless employee experiences.

People Plus

Security and IT Management

Creator

Build custom apps to simplify business processes.

Creator
Assist

Remote support and unattended remote access software.

Assist
Vault

Online password manager for teams.

Vault
Directory

Workforce identity and access management solution for cloud businesses.

Directory
Lens

Interactive remote assistance software with augmented reality.

Lens
QEngine

Test automation software to build, manage, execute, and report testcases.

QEngine
Catalyst

Pro-code platform to build and deploy your apps.

Catalyst
RPA

Automate manual, tedious, and repetitive tasks easily.

RPA
NEW
eProtect

Comprehensive email security and archiving for every business.

eProtect
FREE
OneAuth

Secure multi-factor authenticator (MFA) for all your online accounts.

OneAuth
Toolkit

Complete resource for any admin-related lookup queries.

Toolkit

BI and Analytics

Analytics

Modern self-service BI and analytics platform.

Analytics
DataPrep

AI-powered data preparation service for your data-driven organization.

DataPrep
NEW
IoT

Harnessing IoT analytics for real-time operational intelligence.

IoT
Embedded BI

Embedded analytics and white label BI solutions, tailored for your needs.

Embedded BI

Project Management

Projects

Manage, track, and collaborate on projects with teams.

Projects
Sprints

Planning and tracking tool for scrum teams.

Sprints
BugTracker

Automatic bug tracking software for managing bugs.

BugTracker
Solo

The all-in-one toolkit for solopreneurs.

Solo
Suites
Projects Plus

Unified project management platform for intelligent, data-driven work.

Projects Plus

Developer Platforms

Creator

Build custom apps to simplify business processes.

Creator
Flow

Automate business workflows by creating smart integrations.

Flow
Office Integrator

Built in document editors for web apps.

Office Integrator
DataPrep

AI-powered data preparation service for your data-driven organization.

DataPrep
ZeptoMail

Secure and reliable transactional email sending service.

ZeptoMail
Tables

Work management tool to connect people, processes, and information.

Tables
QEngine

Test automation software to build, manage, execute, and report testcases.

QEngine
Catalyst

Pro-code platform to build and deploy your apps.

Catalyst
RPA

Automate manual, tedious, and repetitive tasks easily.

RPA
NEW
IoT

Build, deploy, and scale IoT solutions for connected businesses.

IoT
Apptics

Application analytics for all apps.

Apptics
Embedded BI

Embedded analytics and white label BI solutions, tailored for your needs.

Embedded BI

IoT

NEW
IoT

Low-code IoT platform and solutions for connected businesses.

IoT
CRM Plus

Unified platform to deliver top-notch customer experience.

Try now
CRM Plus
Service Plus

Unified platform for customer service and support teams.

Try now
Service Plus
Finance Plus

All-in-one suite to manage your operations and finances.

Try now
Finance Plus
People Plus

Comprehensive HR platform for seamless employee experiences.

Try now
People Plus
Workplace

Application suite built to improve team productivity and collaboration.

Try now
Workplace
Marketing Plus

Unified marketing platform for marketing teams.

Try now
Marketing Plus
Projects Plus

Unified project management platform for intelligent, data-driven work.

Try now
Projects Plus
All-in-one suite

Zoho One

The Operating System for Business

Run your entire business on Zoho with our unified cloud software, designed to help you break down silos between departments and increase organizational efficiency.

TRY ZOHO ONE
Zoho Marketplace

With over 2000 ready-to-use extensions across 40+ categories, connect your favorite business tools with the Zoho products you already use.

EXPLORE MARKETPLACE
Skip to main content

MDM - FAQs & Troubleshooting

This FAQ and troubleshooting guide provides answers to common questions about MDM, its integration with Zoho Mail, and the steps for addressing potential issues. Whether you’re an admin setting up security policies or a user navigating device enrollment, this page serves as a comprehensive resource to ensure a seamless and secure experience. Explore the sections below to find solutions tailored to your needs.

General FAQs

1.What is MDM?

Mobile Device Management (MDM) is a software that allows IT administrators to manage and secure mobile devices used by employees/users within an organization. Zoho Mail uses ManageEngine's Mobile Device Management to protect sensitive data in mobile apps by enforcing security policies and restricting certain actions. It also helps separate work-related data on personal devices. Once MDM is enabled, administrators ensure that only authorized apps are available for download, creating a secure app environment.

2. Which plans support MDM integration?

The MDM feature is currently available only if you have subscribed to one of the paid plans of Zoho Workplace, Zoho Mail Premium plan, or the Zoho Mail Mix and Match / Flexible plans. Reach out to support@zohomail.com for more details.

3. Can we enable the MDM integration in Zoho Mail and also buy a standalone subscription from ManageEngine?

No, an organization can have only one MDM subscription. If your organization already has a standalone MDM subscription from ManageEngine, you cannot use the MDM integration available in Zoho Mail. Similarly, if you are using the MDM integration in Zoho Mail and decide to switch to ManageEngine's standalone MDM service, you can migrate the integration. However, this migration is a one-way process. Once the integration is moved from Zoho Mail to ManageEngine's standalone MDM, it cannot be reverted back. Likewise, if you are using ManageEngine's standalone MDM service, you cannot transfer the configuration to Zoho Mail.

4. Do we need to purchase a paid Google account to configure "Android for Work (AFW)" or "Android Enterprise?

No, you do not need to purchase a paid Google account to configure Android for Work (AFW) or Android Enterprise. You can use either a Google Workspace account (previously G Suite) or a personal Google account to set up and manage Android for Work (AFW).

5. Can we use third-party MDM service providers to manage our organization’s devices?

This integration is designed to work exclusively with ManageEngine's MDM. While organizations can use other MDM solutions to manage their devices and apps, conditional access policies cannot be enforced through third-party MDM services.

That said, Zoho Mail now provides basic integration support with Scalefusion, allowing organizations to manage their devices through Scalefusion while continuing to use Zoho Mail. For detailed instructions on configuring this integration, please refer to this help page.

6. How many devices can an organization enroll in total when MDM integration is enabled?

An organization can enroll an unlimited number of devices in total. However, administrators can impose limits on the number of devices each user is allowed to enroll by configuring device limit settings in Zoho Mail Admin Console. For detailed steps to configure device limits, click here.

7. Is there a helpdesk email address to contact for assistance or report issues?

You can reach out to Zoho Mail support at support@zohomail.com.

MDM Admin Configurations and Actions 

1. Is the use of an allowed IP mandatory for all policies?

No, the allowed IP is not always mandatory. It is only required when configuring Device or IP, and Device and IP security policies. These policies ensure that only specific devices or IP addresses can access the system. However, if you're not using these specific policies, the allowed IP setting is not necessary. To learn about each security policy and how to configure them, click here.

2. Where to add the allowed IP? In the Zoho Mail Admin Console or Zoho Directory?

Allowed IPs can be added in the Zoho Directory.  To set up IP restrictions, navigate to Zoho Directory, click on the created security policy (Device or Allowed IP addresses / Device and Allowed IP addresses ), then go to the Allowed IPs section to set up IP restrictions according to your preferences. For detailed directions, refer here.

3. What happens if the APNs certificate expires?

The APNs (Apple Push Notification Service) certificate must be renewed annually. If the certificate is not renewed, iOS devices will no longer be manageable, and users will be required to re-enroll their devices. This involves generating a new certificate and updating it in your system to ensure that push notifications continue to work seamlessly. As an admin, you can renew the APNs certificate directly from the Admin Console. Learn more.

4. Can we add non-Zoho apps to the MDM app catalog, apart from Zoho Workplace apps?

At the moment, there is no option to add third-party or non-Zoho apps to the MDM app catalog. The catalog is currently limited to Zoho Workplace apps, and administrators can only push these apps to users' devices for installation.

5. How can I change the AFW configuration?

To change the Android for Work (AFW) configuration, please reach out to support@zohomail.com.

6. How do I disable MDM for my organization?

To disable MDM for your organization, please contact our support team at support@zohomail.com, and they will help you through the necessary steps to disable MDM for your organization.

7. How do I manage a lost or stolen device of a user?

If a user's device is lost or stolen, it's essential to act quickly to protect organization data. The user should immediately contact the administrator to report the situation. The administrator can then un-enroll the device from the organization's device management system to ensure that it no longer has access to sensitive data. Learn more.

Here’s how an administrator can un-enroll the device:

  1. Log in to Zoho Mail Admin Console.
  2. Select Security & Compliance on the left pane.
  3. Navigate to Enrolled Devices under the Mobile Device Management section.
  4. Search for the user’s email associated with the lost or stolen device using the search bar.
  5. In the search results, locate the device and click on the Un-enroll option.

Un-enrolling the device revokes its access to organization data, helping to secure sensitive information. Always report a lost or stolen device to the administrator immediately to prevent any unauthorized access.

8. How to restrict the user from logging in with other email accounts? 

Add user email to the conditional access policy associated group. So, the user will not be able to login to the blocked device.

9. How can I restrict a user from accessing their account on any device other than the enrolled device?

To prevent a user from accessing their account on any device other than their enrolled device, you need to add their account to the conditional access policy's associated group in Admin Console. This ensures that the user can log in only from their designated device and will be blocked from accessing their account on any other device. For more information, click here.

10. What should I do when a user needs to switch to a new device for work?

When a user requests to switch to a new device, follow these steps:

  1. Un-enroll the current device: Remove the user's current device from the organization's device listing and associated conditional access policy groups.
  2. Provide the self-enrollment link: Share the self-enrollment link with the user for enrolling their new device.
  3. Re-add the user to groups: Once the user has successfully enrolled their new device, re-add them to the appropriate conditional access policy groups to restore their access and permissions.

These steps help ensure a secure transition for the user’s new device.

11. How can I prevent users from accessing multiple email accounts on the same enrolled device?

To prevent organization users from accessing their email accounts from the same enrolled device using different email accounts, you can enable the app restriction titled "Restrict login with different email accounts." This setting ensures that the user can only log in to the app with their authorized email account, blocking any attempts to sign in with other accounts. For detailed instructions on how to enable this app restriction, refer here.

12. Can I restrict users from enrolling multiple devices?

Yes, administrators can configure a limit on the number of mobile devices a user can enroll. To set this limit, go to Mobile Device Management > Settings > General > Device Limit in the Admin Console. Here, you can specify a Device Limit ranging from 1 to 10 for each user. A user cannot enroll more devices than the specified limit. If no limit is set, users can enroll an unlimited number of devices. For detailed steps to configure device limits, click here.

13. Why do all iOS devices under the enrolled devices section display as "iPhone," and how can I fix it?

By default, iOS devices do not display their actual names and will instead appear as "iPhone" in Admin Console. To ensure the actual device names are visible, follow the steps outlined here. It is important to configure these settings in the MDM console before applying app restriction configurations in the Zoho Mail Admin Console. Once the MDM configuration is complete, these changes cannot be made.

Device Enrollment

1. What is device enrollment?

Device enrollment is the process by which users in an organization register their mobile devices with the Mobile Device Management (MDM) system. This device enrollment process is crucial for ensuring that the MDM settings, including app restrictions and security policies, are properly applied to each user's device. If you would like to learn more about device enrollment and the steps to complete it, click here.

2. What are my benefits for enrolling the device?

Enrolling your device ensures that your work and personal apps and data are kept separate. It also simplifies access to your official apps by providing an organized App Catalog, making it more convenient for you to manage and use the apps necessary for work. This separation helps protect sensitive work-related information while offering a streamlined, secure experience on your device.

3. What is App Catalog?

The App Catalog is a curated repository of applications provided by your organization administrator for your use. It serves as a centralized platform where you can easily find and install the apps you need for work. However, only the applications approved and allowed by your administrator will be available in the App Catalog. This ensures that all apps meet the organization’s security and usage policies, providing a streamlined and secure way to manage work-related applications on your devices.

4. How do I know if my iOS phone or tablet is supported for device enrollment?

Most devices running Android 5.0+ and iOS 5.0+ are supported. You can learn more about supported devices for Android and iOS here.

5. How can I check if my device is currently enrolled in MDM?

To determine if your device is enrolled in Mobile Device Management (MDM), follow these steps based on your device type:

  • For Android Devices: Go to your device's Settings, then navigate to Accounts. Look for a Work Profile listed among your accounts. The presence of a Work Profile indicates that your device is enrolled in MDM.
  • For iOS Devices: Open the Settings app, go to General, and select VPN & Device Management. If you see an MDM profile listed, your device is enrolled in MDM.

These steps will help you confirm whether your device is under MDM management.

6. Is it possible to enroll the device if clone apps or Dual Space are installed on the mobile?

No, it is not possible to enroll the device if clone apps or Dual Space are installed on the mobile.

7. Can the same device be enrolled after a factory reset?

Yes, but the installed MDM profile and work apps will be removed. Additionally, your device will be removed from the list of enrolled devices from your organization’s MDM setup. You will need to re-enroll your device and reinstall your official work applications. Please reach out to your organization's administrator if you need assistance.

8. What should I do if I need to switch to a new device for work?

If you need to switch to a new device for work, you should first contact your organization administrator to inform them about the change. The admin will un-enroll your current device to ensure it is no longer authorized. Once this is done, you’ll need to re-enroll your new device using a self-enrollment link provided by the admin. After enrolling the new device, wait for the admin to re-add you to the necessary groups, so you can regain the appropriate access and permissions.

9. Does device enrollment affect battery life or device performance?

No, device enrollment is designed to operate efficiently with minimal resource usage, ensuring there is no noticeable impact on your device's battery life or overall performance. The primary purpose of enrolling your device is to enhance security by adding a protective layer for your work-related apps and data. This ensures that your device remains secure without compromising its usability or functionality.

10. What should I do if I lose my mobile device?

If you lose your mobile device, it’s crucial to act quickly to protect your sensitive data. First, confirm that your device is indeed lost or stolen. Once you are certain, immediately report the situation to your organization administrator. The administrator can then take action to un-enroll your device from the organization’s device listing, which ensures that it is no longer authorized to access work-related data or resources. This process helps prevent unauthorized access and keeps your data secure.

11. How many mobile devices can I enroll?

The number of mobile devices you can enroll depends on the device limit restriction set by your organization administrator. If no device limit is configured, you can enroll multiple devices. However, to ensure secure access, it's important to follow any guidelines provided by your organization regarding device enrollment.

12. Why can't I search for or add apps from the Play Store in my work profile?

The Play Store in your device's work profile is configured to show only the apps that have been approved and added by your organization's admin. As a result, the full list of apps available in general Play Store will not be visible or accessible within the work container. If you can't find or add a particular app, it may not have been included by the admin. Please reach out to your organization admin for more details.

13. Are there any restrictions on using certain features or apps on my device while enrolled in MDM?

No, there will be no restrictions on your device when it comes to personal apps outside of the official ones. All applied restrictions will only affect your official applications. You can continue installing apps for personal purposes as usual. On an enrolled Android device, personal apps can be installed under the Personal tab. For iOS devices, personal apps can be downloaded from the App Store using your personal iCloud account, just like before.

14. What happens if I delete work apps from my device?

If you delete work apps from your device, you can reinstall them from the MDM app catalog at any time. However, if you have removed the MDM app itself, you may need to re-enroll your device to access the app catalog again. It is recommended not to delete work apps from your device unless specifically instructed by your organization’s administrator. Please reach out to your organization administrator for assistance.

15. Where should I scan the QR code?

The QR code has to be scanned through the ME MDM app. 

16. What should I do if a blank screen appears in the MDM app while enrolling my mobile device?

If you encounter a blank screen while trying to enroll your mobile device in the MDM app, it's important to reach out to MDM support at support@zohomail.com for assistance. They will guide you through the necessary steps to complete the enrollment process successfully.

17. What does the "Untrusted device" error mean on my mobile device?

The "Untrusted device" error occurs when you try to log in from a mobile device that hasn’t been enrolled in your organization’s Mobile Device Management (MDM) system. To access organizational resources securely, your device must be enrolled and trusted. Contact your administrator if you believe your device should be authorized for assistance.

18. What does the "Untrusted device" error mean on my laptop?

If you see the "Untrusted device" error on your laptop, it may be due to the following:

  • Device-only and Device & IP policies: These policies restrict login to only enrolled mobile devices. If you try to log in without using an enrolled device, the error will appear.
  • Device or IP policy: If you are logging in from a network that is not allowed by your organization's security policy, this error will be triggered.

For more details, contact your organization administrator for assistance.

19. What should I do if I encounter difficulties with the work apps, such as it closing or crashing on its own?

If the Work apps on your mobile device is closing or crashing unexpectedly, follow these steps:

  • Ensure that your device has sufficient free storage space. Lack of space can cause apps to malfunction.
  • Go to your device's settings to check for and install any available software updates.
  • Access the MDM app catalog in your Android Work profile and check for any available updates for the Gov Mail app. If updates are available, make sure to install them.

If you still encounter issues after following these steps, contact Zoho Mail support at support@zohomail.com for further assistance.

20. What should I do if I encounter difficulties installing MDM on my mobile device?

First, verify that your mobile device has a stable internet connection and sufficient network coverage. A poor network coverage or intermittent connection can hinder the installation process. To ensure a reliable connection, connect to a strong and stable network, and try installing MDM again. If possible, move to an area with better network reception before attempting to install MDM again. If you still face issues, please reach out to support at support@zohomail.com.

21. My Work Profile is not visible on my Android device, what should I do?

If you are facing any issues locating the installed work profile on your Android device, try checking your settings. For most Android devices, the downloaded work profile can be found by navigating to device's settings > Accounts. Look for a Work Profile listed among your accounts. For specific instructions regarding the work profile on your particular device, please refer to the help documentation provided by your device manufacturer. This will offer detailed guidance tailored to your device model and its unique settings.

Still can't find what you're looking for?

Write to us: support@zohomail.com